Data processing with a key

ABSTRACT

In a data processing device (DTD), a first key (K1) is produced based on a secret key (K) so that the latter is never used in clear. In a preliminary step, the secret key (K) and a random number (R1) are applied (I 2 ) to a function (F 1 ) producing the first key (K1). The first key and the random number are pre-stored (I 3 ) in the device. For example, for each data (BD) processing (ET), the first key and another random number (R2) are applied (E 2 ) to another function (F 2 ) to produce a second key (K2), and the second key and the stored number (R1) are applied (E 3 ) as inverse (F 1   −1 ) of the function (F 1 ) to produce a third key (K3) used for processing the data, properly speaking. The device can be a smart card and the data the confidential code presented to the card.

[0001] The present invention concerns in general terms any electronicdata processing means in which data have to be processed by means of asecret key.

[0002] For example, the data processing concerns an enciphering of thedata according to a predetermined enciphering algorithm. The data areenciphered block by block. For each data block, the secret keyconstitutes the enciphering key and is applied to the algorithm with thedata block in order to produce enciphered data.

[0003] The data processing means, in general a microcontroller, forexample included in a terminal or in a smart card, contains a read onlymemory in which the enciphering key is prestored when the processingmeans is manufactured.

[0004] To take cognisance of the data which are enciphered, it is knownthat an attacker, an ill-intentioned person, seeks to read theenciphering key in the processing means, or to make an analysis of theelectrical consumption by connecting a voltage-measuring apparatus tothe electrical interface between the processing means and the outsideworld, or at a bus internal to the processing means when it isaccessible.

[0005] So as to guard against such an attack, it is known how to apply afirst random number and the enciphering key to a predetermined logicfunction in order to produce a processing key so as to execute theenciphering algorithm with this processing key. Thus, each time a datablock is to be enciphered, a first random number is generated and anenciphering key is produced different from the enciphering keys for theprevious encipherings. This enciphering method makes it much moredifficult for an attacker to seek the enciphering key, since theprocessing key used at each enciphering is by nature random.

[0006] However, this known method manipulates the enciphering key inclear in the memory of the processing means.

[0007] The objective of the invention is to remedy the vulnerability ofthe secret key in the data processing means in order to make itinaccessible.

[0008] To this end, a method for processing data with a first key in adata processing means is characterised in that it comprises, beforehandand once for all the data processings, an application of a secret keyand a first random number to a first function in order to produce thefirst key in the processing means, and prestorage of the first key andfirst random number in the processing means.

[0009] Although the first key serving for the data processing depends onthe secret key and the first random number, the secret key is not storedin the processing means, and the first key produced is stored inadvance. At each data processing, the secret key is thus not used orconverted in clear.

[0010] For example, the first and second functions are exclusive-ORfunctions, and the data processing is a data enciphering.

[0011] According to a first preferred embodiment of the invention, themethod comprises, for each data processing, a generation of a secondrandom number, an application of the first key and second random numbergenerated to a second function in order to produce a second key, and anapplication of the second key and the prestored first random number to afunction which is the inverse of the first function in order to producea third key used for the data processing.

[0012] According to a second preferred embodiment of the invention, themethod is particularly advantageous for the verification of aconfidential code, constituting the data to be processed, presented tothe data processing means, such as a smart card. The confidential codepresented and the second random number generated are then applied to thesecond function in order to produce a transformed presented code, inparallel to the applications relating to the first key, and the dataprocessing comprises a comparison of the third key and the transformedpresented code.

[0013] Other characteristics and advantages of the present inventionwill emerge more clearly from a reading of the following description ofseveral preferred embodiments of the invention with reference to thecorresponding accompanying drawings, in which:

[0014]FIG. 1 is an algorithm of the main steps of the data processingmethod according to the invention;

[0015]FIG. 2 is a block diagram similar to FIG. 1, detailing a dataprocessing for enciphering according to the first embodiment of theinvention;

[0016]FIG. 3 is a block diagram similar to FIG. 1, detailing a dataprocessing for a confidential code in the context of a smart card as anelectronic data processing means, according to the second embodiment ofthe invention; and

[0017]FIG. 4 is a schematic block diagram showing a system forimplementing the data processing method according to the invention inthe context of a smart card.

[0018] As is clear from FIG. 1, the data processing method according tothe preferred embodiment of the invention comprises in advanceinitialisation steps I1 to I3 for determining, as a function of a secretkey K, a first key K1, referred to as the processing key, to be storedin an electronic data processing device DTD, and a cyclic dataprocessing step ET each time data are to be processed in the device DTD,as indicated at an initial step E0 in FIG. 1. For example, when the dataprocessing device is a smart card, the supplier of the data processingdevice can himself execute the initial steps I1 to I3 in a cardmarketing bureau, when each card is acquired, for example at the time ofsubscription to a service accessible to the functionalities of the card,or as a variant when the card itself is manufactured.

[0019] In advance, care has been taken that, at a first step I0, aprocessing algorithm AL and a function F1 characteristic of theinvention are implemented in the memory of the processing device.

[0020] At the initial step I1, a secret key K is determined and writtenin random access memory RAM in the data processing device DTD, forexample according to data formed by the manufacturer of the device.Then, immediately at the following step I2, a first random number R1 isgenerated and applied with the secret key K to the first function F1 inorder to produce the processing key K1.

[0021] At the end of the initialisation at step I3, the processing keyK1 and the first random number R1 are stored in a non-volatile memory ofthe data processing device DTD, for example a EEPROM memory.

[0022] Thus only the processing key K1, and not the secret key K, whichwas continuously contained in memory in the data processing devicesaccording to the prior art, is stored in memory in the device DTD. Thedata processing at subsequent steps ET never uses the secret key K inclear, which is not stored in the device DTD.

[0023] According to the first embodiment shown in FIG. 2, the processingstep ET concerns an enciphering or encrypting of the data, or othersimilar processing. The step ET comprises the cycle of the dataprocessing steps E1 to E4 which is executed as indicated at the initialstep E0 whenever data are to be processed in accordance with aprocessing algorithm AL1 at step E4 in the device DTD. For example,steps E1 to E4 are performed each time the device DTD is to transmit aprocessed data block BD to the outside world, for example to an hostterminal when the device DTD is a smart card, or whenever an operationis to be performed on a data block.

[0024] When the processor constituting the central processing unit ofthe data processing device decides to process data at step E0, a secondrandom number R2 is generated and the first key K1 which had beenprestored at step I3 is read in the non-volatile memory, at step E1. Thefirst key K1 and the first random number R1 are applied to a secondfunction F2 in order to produce a result K2=F2(K1, R1) at the followingstep E2. The second function F2 was implemented with the first functionF1 in the memory of the device DTD at the initial step I0. The result K2of this application constitutes a second key K2 entered in a registerinternal to the device DTD.

[0025] Then the second key K2 and the first prestored random number R1are read in order to apply them to a function F1 ⁻¹ which is the inverseof the first function F1 so as to produce a third key

[0026] K3=F1 (K2, R1) which is equal to

[0027] F1 ⁻¹(F2(K1, R2), R1)=F1 ⁻¹(F2(F1(K, R1), R2), R1)

[0028] that is to say K3=F2(K, R2).

[0029] Finally, at step E4, the data block BD to be processed is readand is applied with the previously produced third key K3 to the dataprocessing algorithm AL1. For example, the data processing algorithm AL1is a data enciphering algorithm, such as the known algorithm DES (DataEncryption Standard) or RSA (Rivest, Shamir, Adleman), or a compressionalgorithm, or an authentication algorithm for the device DTD.

[0030] Thus the data block BD is processed by the algorithm AL dependenton a key K3 which is a function solely of the secret key K and of thesecond random number R2 generated in the processing device and thereforedifferent from one data processing BD to the following, so that thisthird key serving for the processing proper of the data cannot bededuced directly from the first key K1, which is the only one storedpermanently in the device DTD.

[0031] As a variant, as shown at a step E5 executed in parallel with thestep E3 in FIG. 2, the data block BD to be processed and a third randomnumber R3, which is generated by the processor and is a priori differentfrom the second random number R2, are applied to a third function F3which is also implemented in advance in the device DTD at step I0. Thefunction F3 produces modified data DM=F3(BD, R3), which are processedaccording to the processing algorithm AL1 according to the third key K3produced at step E4 according to FIG. 2, or more generally according toa processing of the processing key K1 at the step ET according to FIG.1.

[0032] By way of simple example, the first, second and third functionsF1, F2 and F3 are simple logic functions, such as the exclusive OR, forwhich the inverse function corresponding to the function F1 ⁻¹ is alsoan exclusive OR. Thus, at the end of step E3, there is:

[0033] K3=((K⊕R1)⊕R2)⊕R1, that is to say K3=K⊕R2.

[0034] According to another example, the functions F1 and F2 areadditions, the function F1 ⁻¹ which is the inverse of the function F1being a subtraction.

[0035] According to the second embodiment of the invention shown in FIG.3, the method of using a processing key serves to increase the securityof the control of the confidential code, as a secret key, associatedwith a chip card CA, also referred to as a microcontroller card orintegrated circuit card (Smart Card), as a data processing device, inorder to prevent any manipulation of the secret key in the smart card.

[0036] It is stated schematically with reference to FIG. 4 that a smartcard CA is composed of a microcontroller comprising a central processingunit CPU formed by a microprocessor PR, a memory MO of the ROM typeincluding an operating system OS for the card and in particular specificcommunication application and authentication algorithms and in this casethe data processing algorithm AL and the functions F1 and F2 accordingto the data processing method of the invention, a non-volatile memoryMNV of the programmable and erasable type, such as a EEPROM memory,which contains data in particular related to the possessor of the cardand to the supplier of the card, and a memory MA of the RAM typeintended to receive in particular data from a card acceptance terminalTE. All the components PR, MO, MNV and MA are connected together by aninternal bus BU.

[0037] An host terminal TE, such as a bank terminal or a telephoneterminal, is equipped with a keypad CL for in particular keying in aconfidential code CP, also referred to as a secret code, to be presentedto the card. Into a reader LE of the terminal TE there is inserted partof the card CA containing the microcontroller and supporting typicallyeight electrical contacts of an electrical connection LI between thereader LE and the bus BU internal to the card CA when the card is of thecontact type.

[0038] Referring to FIG. 3, there are found therein the data processingsteps E1 to E3 already described, preceded by the initial steps I0 to I3according to FIG. 1.

[0039] These steps E1 to E3 are executed after an initial step E01following on from the insertion of the card C1 into the reader LE of thehost terminal TE, which is thus connected by the electrical connectionLI of the internal bus BU to the microcontroller of the card CA.

[0040] At the time of each data processing within the meaning of theinvention, corresponding to each use of the card in this smart cardcontext, a presented confidential code CP, which must normally beidentical to the secret key K never kept in clear in the card, is keyedin on the keypad CL of the terminal TE at step E0 in order to verify thecode presented in the card CA, followed by the pressing of a validationkey. Either as the figures of the presented code are keyed in, forexample four in number, or in a block, the terminal TE transmits thepresented confidential code CP, constituting a data block BD accordingto FIG. 2, to the card CA through the connection LI and the bus BU sothat it is written in the RAM memory MA, at step E02.

[0041] The validation of the writing in RAM memory MA of the presentedconfidential code CP triggers the following steps E1 to E3.

[0042] In parallel in particular to step E2, during which the first keyK1 and the second random number R2 are applied to the second functionF2, the processor PR applies the presented confidential code CPcontained in the memory MA and the second random number R2 to the secondfunction F2 in order to produce and store a transformed presented codeCPT=F2(CP, R2) at a step E51. The number R2 is generated by thepseudo-random generator associated with the processor PR.

[0043] Finally, at step E4, the processor applies the third key K3=F2(K,R2) which has just been determined at step E3 and the transformedpresented code CPT=F2(CP, R2) read in memory, to the processingalgorithm AL1, which comprises, according to this second embodiment, acomparison of the third key K3 and the transformed presented code CPT.If the key K3 is identical to the transformed presented code CPT,functionalities of the card CA are accessible through the terminal TE,for example in order to access a service such as a payment service or atelephone service. If not, when the key K3 is different from the codeCPT, other attempts at keying in another presented code in a limitednumber may be made on the keypad CL.

[0044] Thus, according to the invention, the secret key K is not storedin the smart card and is therefore not manipulated in the card for eachverification of the presented confidential code CP. In addition,although the secret key K is initially combined with the first randomnumber R1 which is constant throughout the use of the card inassociation with the secret key, the key K3 serving for the comparisonis different at each verification for which a random number R2 isgenerated. This guarantees that the verification of the presented codeCP is never executed in the same way in the smart card.

[0045] Preferably two smart cards, or more generally two data processingdevices associated with identical secret keys, are associated withdifferent first random numbers R1. The random numbers R1 being a prioridifferent for the two cards, the effects of the manipulation of theserandom numbers cannot serve to characterise the cards.

[0046] Preferably, a respective first random number R1 corresponds toeach secret key K. Thus, advantageously, when the secret key associatedwith a card is modified, the first random number R1 is also modified.For example, if two figures of a secret key are reversed, the first tworandom numbers corresponding to these two secret key versions aredifferent. This variant makes it possible to avoid the recognition of afirst random number in a first card by virtue of the manipulation of therandom number in another card associated with a secret key common withthe first card.

[0047] In the above description, it will be understood that the smartcard covers all known types of smart card, also referred to asmicrocontroller cards, such as the contact or contactless cards set outbelow by way of non-limiting example: credit cards (Visa cards), paymentcards, telephone cards, SIM (Subscriber Identity Module) cards,“additional” cards, central purchasing cards, gaming cards etc. Moregenerally, the invention concerns not only smart cards but otherportable electronic objects designated indifferently as electronic dataprocessing means or devices, such as electronic assistants ororganisers, electronic purses, tokens, pocket calculators etc.

[0048] The terminal accepting the electronic data processing means canfor example be of the type consisting of a computer terminal, a personalcomputer, in particular a portable computer, a bank terminal, a point ofsale terminal, a radio telephone terminal, a device for controllingaccess to a room or to a safe etc. The accepting means can be remotefrom the data processing means, these being connected by any datatransmission means. The secret key within the meaning of the inventionis also designated in certain contexts as a confidential code, passwordor secret code, or a personal identification number PIN or CHV (CardHolder Verification) or PTI (Personal Telecommunication Identifier), inparticular for radio telephone terminal SIM cards.

[0049] The presented confidential code is in general an alphanumericcode. It can be applied to the data processing means, smart card orportable electronic object, by any known code entry means, other than akeypad, for example by voice and voice recognition, or by therecognition of a biometric signature, for example at least onefingerprint.

1. A method for processing data (BD) with a first processing key (K1) ina data processing means (DTD), characterised in that it comprises, inadvance and once for all the data processings, an application (I2) of asecret key (K) and of a first random number (R1) to a first function(F1) by producing the first key (K1) in the processing means (DTD), anda prestorage (I3) of the first key and of the first random number in theprocessing means.
 2. A method according to claim 1, according to whichtwo data processing means (DTD) associated with identical secret keys(K) are associated with different first random numbers (R1).
 3. A methodaccording to claim 1 or 2, according to which the first random number(R1) is modified when the secret key (K) associated with the processingmeans (DTD) is modified.
 4. A method according to any one of claims 1 to3, comprising, for each data processing (E4), a generation (E1) of asecond random number (R2), an application (E2) of the first key (K1) andof the second generated random number (R2) to a second function (F2) inorder to produce a second key (K2), and an application (E3) of thesecond key (K2) and of the first prestored random number (R1) to afunction (F1 ⁻¹) which inverse of the first function in order to producea third key (K3) used for the data processing (E4).
 5. A methodaccording to claim 4, according to which the first and second functions(F1, F2) are exclusive-OR functions.
 6. A method according to claim 4 or5, according to which the data processing (E4) is a data enciphering. 7.A method according to any one of claims 4 to 6, according to which thedata (BD) to be processed and a third random number (R3) are applied toa third function (F3) in order to produce modified data (DM) processed(E4) according to the third key (K3) or a processing (ET) of the firstkey (K1).
 8. A method according to claim 4, according to which the datato be processed consist of a confidential code (CP) presented (E01) tothe data processing means (DTD), the presented confidential code (CP)and the second generated random number (R2) are applied (E51) to thesecond function (F2) in order to produce a transformed presented code(CPT), and the data processing comprises a comparison (E4) of the thirdkey (K3) and of the transformed presented code (CPT).